974db5ccd22407ad942e86a8c8ad5ca2bd52d4064c62f8b05b2f67cc04e0d8f2 | Triage

Sharing

General

Target

974db5ccd22407ad942e86a8c8ad5ca2bd52d4064c62f8b05b2f67cc04e0d8f2
Size

313KB
Sample

221127-3z8hlahd95
MD5

da2a06932fd8253e9e3a6dd011b34ca3
SHA1

9135202aa0d4685c93e130d7c53c7dcda9e72c16
SHA256

974db5ccd22407ad942e86a8c8ad5ca2bd52d4064c62f8b05b2f67cc04e0d8f2
SHA512

e132d2f102897a799e1dcb19afb743e012f3df98a65400f6ae1ff27cff11bd1eaf2928c4e19b71e4b4c9cddd4ef7a9f2f72abc042b2e232e3233c5221c7bdf1c
SSDEEP

6144:PrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0L9:Pryu6/eIo4vMResyEf0uP9d9UG09

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  974db5ccd22407ad942e86a8c8ad5ca2bd52d4064c62f8b05b2f67cc04e0d8f2
- Size
  
  313KB
- MD5
  
  da2a06932fd8253e9e3a6dd011b34ca3
- SHA1
  
  9135202aa0d4685c93e130d7c53c7dcda9e72c16
- SHA256
  
  974db5ccd22407ad942e86a8c8ad5ca2bd52d4064c62f8b05b2f67cc04e0d8f2
- SHA512
  
  e132d2f102897a799e1dcb19afb743e012f3df98a65400f6ae1ff27cff11bd1eaf2928c4e19b71e4b4c9cddd4ef7a9f2f72abc042b2e232e3233c5221c7bdf1c
- SSDEEP
  
  6144:PrK9uEo2S1YnQmCX492DkwNP3qpYFtcM7dZssr+Ixf6LuDTKD2ay9KGYG0L9:Pryu6/eIo4vMResyEf0uP9d9UG09
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2